Top PDF Cloud Storage and its Secure Overlay Techniques

Cloud Storage and its Secure Overlay Techniques

For some computer owners, finding enough storage space to hold all the data they've acquired is a real challenge. Some people invest in larger hard drives. Others prefer external storage devices like thumb drives or compact discs. Desperate computer owners might delete entire folders' worth of old files in order to make space for new information. But some are choosing to rely on a growing trend: cloud storage. Instead of storing information on the computer's hard drive or another local storage device, it is saved to a remote database. The Internet provides the connection between the computer and the database. On the surface, cloud storage has several advantages over traditional data storage. For example, if data is stored on a cloud storage system, the user will be able to get to that data from any location that has Internet access. They wouldn't need to carry around a physical storage device or use the same computer to save and retrieve information. With the right storage system, the user could even allow other people to access the data, turning a personal project into a collaborative effort.

Secure Deduplication for Cloud Storage Using Interactive Message-Locked Encryption with Convergent Encryption, To Reduce Storage Space

advantage of deduplication is to reduce storage and improve the bandwidth (5). The level of deduplication attainable is determined by a number of problems. In modern business backgrounds, deduplication percentages in the range of 4:1 (75%) to 500:1 (99.8%) are typical. Although deduplication benefits storage providers, it also creates a privacy threat for users. The randomized threshold method is used against brute-force attacks. It can be maintained in both client-side and server-side deduplication systems (6). Private deduplication is also one of the major problems in cloud data storage; the structure of private deduplication is constructed on the normal cryptography system (7). Here we use two encryption techniques, iMLE and convergent encryption. Convergent encryption uses a content hash key. It is a cryptographic algorithm that creates identical cipher text from identical plain text. This is one type of system used to remove duplicate files in cloud storage (8). The client encrypts its plain text V with a deterministic interactive Message-Locked Encryption (iMLE) scheme under a B that is itself derived as a deterministic hash of the plain text m. Any Message-Locked Encryption (MLE) scheme specifies algorithms A, P, R, S. MLE can only provide security for unpredictable data; within this range two data dimensions emerged (9,10). There are two types of security for MLE: correlation and parameter dependence. Correlation means security holds when the messages being encrypted, although individually unpredictable, are related to each other; parameter dependence (11) means the security holds even for messages that depend on the public parameter. iMLE turns out to be interesting in its own right and yields some other benefits, providing the first secure deduplication schemes that permit incremental updating.

Secure and efficient storage of multimedia: content in public cloud environments using joint compression and encryption

In today's clouds the primary security mechanism is virtualization. Virtualization is a powerful defense, and protects against most attempts by users to launch attacks against other users. However, not all resources are virtualized and not all virtualization environments are bug-free. Virtualization software is known to have some flaws which allow visualizing portions of virtualized code. That is, incorrect network virtualization may allow a user to have access to sensitive code portions of the provider's infrastructure, or to other users' resources. These challenges, though, are similar to those involved in managing large non-cloud data centers, where different applications need to be protected from one another. Large Internet services will need to ensure that a security problem doesn't compromise everything. One last security concern is protecting the cloud user against the provider. The provider will by definition control the "bottom layer" of the software stack, which effectively circumvents most known security techniques. Absent radical improvements in security technology, we expect that users will use contracts and courts, rather than clever security engineering, to guard against provider malfeasance [36].

A survey on top security threats in cloud computing

Abstract—Cloud computing enables the sharing of resources such as storage, network, applications and software through internet. Cloud users can lease multiple resources according to their requirements, and pay only for the services they use. However, despite all cloud benefits there are many security concerns related to hardware, virtualization, network, data and service providers that act as a significant barrier in the adoption of cloud in the IT industry. In this paper, we survey the top security concerns related to cloud computing. For each of these security threats we describe, i) how it can be used to exploit cloud components and its effect on cloud entities such as providers and users, and ii) the security solutions that must be taken to prevent these threats. These solutions include the security techniques from existing literature as well as the best security practices that must be followed by cloud administrators.

DESIGN AND IMPLEMENTATION OF A PRIVACY PRESERVED OFF-PREMISES CLOUD STORAGE

Clients require full confidence that attackers are not able to steal, view or tamper with their data. We know from past studies that security and privacy on the cloud are breached by external or internal attackers (Ling et al., 2011). External attacks are issued by hackers who steal clients' confidential records with the objective of obtaining a desired amount of cash. These attacks may be carried out by IT personnel belonging to competitors of the CSP or client. The intention of these attacks is to damage the brand reputation of the CSP or to abuse as well as misuse the client's files. CSPs secure their physical and virtual infrastructure by using various tools and techniques to protect data and their systems from outsider attacks. However, we found out that existing solutions are not adequate to preserve the client's privacy. It is also identified that internal employees of the CSP may become malicious as well (Catteddu and Hogben, 2009).

Secure Erasure Code-Based Cloud Storage with Secured Data Forwarding Using Conditional Proxy Re-Encryption (C-PRE)

Abstract - Cloud computing techniques are used to share resources. Cloud computing transfers application software and databases to large centralized data centers. Storing important data with cloud storage providers comes with serious security risks. The cloud can leak confidential data, modify the data, or return inconsistent data to different users. So, cloud data security requires authentication and integrity analysis for the stored data values. An erasure code provides redundancy by breaking objects up into smaller fragments and storing the fragments in different places. The key is that you can recover the data from any combination of a smaller number of those fragments. With a threshold proxy re-encryption (PRE) scheme and a decentralized erasure code, a secure distributed storage system is formulated. The distributed storage system supports secure and robust data storage and retrieval. It meets the requirements that storage servers independently perform encoding and re-encryption and key servers independently perform partial decryption. The system user forwards his data in the storage servers to another user without retrieving the data back. A major feature of cloud services is that users' data are usually processed remotely on unknown machines that users do not own or operate. Conditional Proxy Re-Encryption (C-PRE) is proposed, whereby the user has fine-grained control over the delegation. As a result, the user can flexibly assign her delegate and decryption capability based on the conditions attached to the messages, using a proxy with no higher trust than in existing PRE schemes.

Vertical Handover and Video Streaming Over Cloud in 4G Heterogeneous Overlay Wireless Networks

other hand, the EDPF scheduling algorithm additionally makes use of the delays between the network proxy and the BSs to estimate the delivery times of packets via each available path. Proposed a new scheme that allows users to dynamically negotiate QoS profiles with different networks. The proposed scheme supports initial negotiation, renegotiation, bandwidth aggregation, and mobility. A new method to inform the QoS profile of a user to BS towards which the user is moving was presented, and its applicability was demonstrated through computer simulations. We showed that the proposed scheme achieves the shortest negotiation delays and reduces overhead in terms of both signalling messages and state information storage. The bandwidth aggregation mechanism mitigates the resource constraints in wireless networks. It helps users to negotiate their desired service levels and reach them by using one or more interfaces. Finally, an enhanced version of the EDPF scheduling algorithm was proposed to adapt it to the bandwidth allocation scheme implemented in our QoS negotiation system. We demonstrated via simulations that the proposed TS-EDPF scheduling algorithm largely mitigates the packet reordering issue and the packet loss rate.

Bernardo Luís da Silva Ferreira

and Ohrimenko 2015; Cash et al. 2014; Curtmola et al. 2006; Hahn and Kerschbaum 2014; Kamara and Papamanthou 2013; Kamara et al. 2012; Kuzu et al. 2012; Naveed et al. 2014; Popa et al. 2014; Song et al. 2000; Stefanov et al. 2014). Originally designed for text documents, SSE schemes allow searching encrypted data in sub-linear time, by having users index their data (i.e. build a compact dictionary of the data; e.g. with the unique keywords of each text document) and uploading both encrypted index and data to the cloud for storage. However indexing computations are still too expensive for mobile devices, especially for multimodal data and rich media types such as images, audio, and video where training (i.e. machine learning) tasks also have to be performed before data can be efficiently indexed (Datta et al. 2008). Furthermore, searching in sub-linear time is only possible by revealing some information patterns to adversaries with each query, including if the query has been performed before and which data objects (although encrypted) were returned by it (search and access patterns (Curtmola et al. 2006), respectively). Finally, extending SSE to richer queries (Baldimtsi and Ohrimenko 2015; Cao et al. 2014; Kuzu et al. 2012; Wang et al. 2012) and other media domains (Lu et al. 2009; Weng et al. 2015; Yuan et al. 2014) has proven to be challenging. Existing works are limited to static collections (i.e. data-objects can’t be added, updated, or removed dynamically after deployment and initial load of a data repository) and require heavier client processing, while leaking additional information patterns such as frequency (e.g. how many times a keyword appears in a text document) (Kuzu et al. 2012).

Research on Distributed Software Testing Platform Based on Cloud Resource

The web server in the servers section provides testing personnel with 4 user service interfaces: registration/login, submitting testing tasks, querying testing results and registration of the job-running client. The database server stores the static and dynamic data of the system, which is the resource sharing platform. The testing server consists of a test task partition, a test task scheduler, a test results manager and a test task state tracker. The test task scheduler can implement task allocation fully based on dynamic parameters of the running client's resources. Test results management analyses the test results uploaded from the operation end and produces a test report by analysing the testing results using the software’s statistical measure criterion. The state tracker is responsible for tracking the state of the task-running end in real time and calling the exception handling module according to the state information.

Privacy-Enhanced Dependable and Searchable Storage in a Cloud-of-Clouds

As seen by the previous Sections, the outsourcing of data to the cloud and the several problems that arise from doing so is an area of active investigation. Although several systems follow a related approach to the one taken on this thesis, they can be improved upon, addressing requirements not covered by those solutions. iDataGuard [30] and TSky [31] are proposals particularly related to the main dissertation contributions. Both these systems provide privacy, integrity, availability and text search capabilities. Text search only is however very limited when we consider that clouds are used to store multi-modal data and multi-modal operations. Other systems analyzed that follow key-value data store models don’t provide search capabilities and as such are even more limited (ex. Depsky [12], Farsite [27], Fairsky [32]). In our system model design (approached in chapter 3) we used both in-memory cloud storage backends (leveraged from the RAMCloud solution [13]) and disk based storage backends (leveraged from Depsky [12]), comparing the trade-offs in both. There are also other approaches like Silverline [29] and Google’s Encrypted BigQuery [34] geared towards databases instead of key-value stores. However they also have serious limitations: Silverline resorts to not encrypt data that the cloud needs to perform queries, while Encrypted BigQuery limits the possible queries using partial homomorphic schemes that only support text processing.

Guaranteeing Data Storage Security in Cloud Computing

In order to achieve assurance of data storage correctness and data error localization simultaneously, our scheme relies entirely on pre-computed verification tokens. The main idea is as follows: before file distribution the user pre-computes a certain number of short verification tokens on each individual vector G(j) (j ∈ {1, . . . , n}), every token covering a random subset of data blocks. Later, when the user wants to verify the storage correctness of the data in the cloud, he challenges the cloud servers with a set of randomly generated block indices. After receiving the challenge, every cloud server computes a short "signature" over the specified blocks and returns it to the user. The values of these signatures should match the corresponding tokens pre-computed by the user. Meanwhile, as all servers operate over the same subset of the indices, the requested response values for the integrity check should also be a valid codeword determined by the secret matrix.

Enabling and Sharing Storage Space Under a Federated Cloud Environment

The work we carried out can, roughly speaking, be divided into two phases, the first carried out during the "Dissertation Preparation" course unit and the second during the dissertation writing period. Thus, in the first phase the following objectives were defined and achieved: a) studying the cloud paradigm in general, and that of an OpenStack cloud, which provides Infrastructure(s) as a Service (IaaS), in particular; b) investigating storage systems that are candidates for integration with the OpenStack storage services. This phase culminated in a preliminary study of four systems identified as strong candidates for integration with OpenStack (NFS, GlusterFS, Sheepdog and Ceph), for which we set out, in this dissertation, the conclusions we reached. The study of these specific systems is the result of research carried out, and is due to the strong uptake in integrating these storage systems with OpenStack and the consequent development that allows new functionality to be introduced. Ceph is a requirement imposed from the outset, given that one of the project partners (CERN) decided to use Ceph.

EOS: Evolutionary Overlay Service in Peer-to-Peer Systems

Moreover, from the work of Paul Silvey et al. [12] and G. Pandurangan et al. [13], etc., we can conclude that there are respectable researches on improving the system performance by adapting the P2P topologies. Comparing with them, our work has two remarkable differences: (1) EOS adapts the topology on an evolutionary overlay model not just through cutting the edges. (2) The final overlay after evolution is more deeply depicted by EOS than others.

A Blockchain-Based Information Security Solution for a Distributed Multi-Cloud System

When talking about having our data timely available, on-demand, we are talking almost of a basic need people and businesses have nowadays and if businesses already depend both on structured and unstructured data made available, relying on sophisticated Information Technology (IT) infrastructures, for economic progress or to generate profit [105], people on the other hand use it for self satisfaction, extraversion, emotional stability and openness to experience [106]. Therefore, when a service intended to answer these expectations defrauds them, it comes with no surprise that people tend to discard it. Cloud computing brought a new paradigm to this matter, when it made data available anywhere, in any device, even if it was not physically in it, as long as there was an opened connection to the internet. This was made possible through service providers who provided the infrastructural means to do so, but nevertheless, the availability problem would remain if the service was centralized in a single service provider, as emphasized in [107]. To mitigate this issue, it is proposed to replicate data on multiple nodes, so that both response times and data availability would see a significant improvement [108], but some authors raise concerns about efficiency issues, when saying they might arise in peer-to-peer systems due to unreliable network connectivity, limited bandwidth or erratic node failure [107].

Network Traffic Characterization: Cloud Storage at the University of Minho

This section highlights the main results of the analysis of the collected flows. As illustrated in Figure 4.1, the most accessed service at UM is the social network Facebook, followed by the Google search engine and the institutional e-mail service of the University of Minho. Cloud storage services account for 3.1% of accesses, a category that includes all the signatures/providers found. Within that set, the most accessed provider is Dropbox, with 71.39%. It cannot be guaranteed that the set of flows labelled "Others" in Figure 4.1 does not include cloud storage flows, since the University of Minho hosts many foreign students, who may have different habits and use different, less popular CSPs. However, it can be guaranteed that the collected flows were searched for the most popular national and international CSPs. Regarding the characteristics of the CSPs analysed, Table 4.9 summarises the main characteristics. In this table 3 there are no references to the ports used, since as discussed

Secure authentication mechanisms for the management interface in cloud computing environments

The advent of cloud computing has brought novel security issues specific to the technology and to how it is deployed over the Internet, as Chapter 3 explained, along with the problems posed by authentication approaches. Virtualization is a key element for the proliferation of IaaS clouds, but it has brought new security issues like cross-VM channels. The Internet cyberspace has been growing fruitfully over the years, but so has the deep underground side of it, in a manner transparent to most Internet users, who are not aware of the Internet's dangers. Services on public clouds are, by default, susceptible to issues already present in the Internet and the technologies it uses. Particularly, cloud computing services require some interface providing capabilities to manage the subscribed service or services. Having the data in outsourced locations requires one to trust the entity in charge of the networking, storage and computation. Worse, the cloud is a shared environment accessed by other tenants. So, potentially sensitive data may be amongst other types of data, possibly unrelated, which belong to other customers. The cloud computing model has further introduced more uncharted security risks. Given the importance this computing model already has these days and the prominence that it will most likely gain in the future, it is of interest for all to make it more secure. Until such risks are eliminated, potential cloud customers will remain reluctant about adopting cloud solutions. Because of less fortunate events from the past, security awareness has started to take a more visible shape throughout standards, protocols, vendors, enterprises, and end users. There are efforts to mitigate the problems inherent to the cyberspace and technology of nowadays, and cloud computing is certainly within the scope of that effort.

Cloud Auditing With Zero Knowledge Privacy

To achieve security, we can hand over our data to a third outsource party who will specify the correctness and integrity of the cloud data. Hence, a new concept arrives, the third-party auditor (TPA), who will audit the user data stored on the cloud, based on the user’s request. In this case, the cloud service provider doesn’t have to worry about the correctness and integrity of the data. In this technique, the TPA will audit the cloud data to check its integrity or correctness in two ways: 1) Download all files and data from the cloud for auditing. This may include I/O and network transmission cost. 2) Apply the auditing process only when accessing the data, but again in this case, data loss or data damage cannot be defined for unaccessed data. Public auditability allows the user to check the integrity of outsourced data under different system and security models. We cannot achieve privacy, as the TPA can see the actual content stored on a cloud during the auditing phase. The TPA itself may leak the information stored in the cloud, which violates data security. To avoid this, an encryption technique is used where data is encrypted before storing it on the cloud.

Hand-based multimodal identification system with secure biometric template storage

In the proposed system, the final identification decision is taken based on palmprint (PP) and finger surface (FS) matching, which are two well studied modalities. Several PP verification/identification systems have been proposed, using different feature extraction techniques, such as 2-D Gabor filters [10,11,12,13,14], 2-D Gaussian filters [15], finite Radon transform [16] and Discrete Cosine Transform (DCT) [17,18]. Subspace-based approaches are also commonly employed to perform feature extraction through Principal Component Analysis (PCA) [19,20,21], Linear Discriminant Analysis (LDA) [13,20,22,23] and Independent Component Analysis (ICA) [20,24,25]. Although FS recognition systems are not commonly found in the literature, this biometric trait is usually associated with PP in multimodal systems [14,19,22].

PUBLIC LINEAR PROGRAMMING SOLUTION FOR THE DESIGN OF SECURE AND EFFICIENT COMPUTING IN CLOUD

On the one hand, the outsourced computation workloads often contain sensitive information, such as business financial records, proprietary research data, or personally identifiable health information. To combat unauthorized information leakage, sensitive data have to be encrypted before outsourcing so as to provide end-to-end data confidentiality assurance in the cloud and beyond. However, ordinary data encryption techniques in essence prevent the cloud from performing any meaningful operation on the underlying plaintext data, making computation over encrypted data a very hard problem. On the other hand, the operational details inside the cloud are not transparent enough to customers. As a result, there do exist various motivations for the cloud server to behave unfaithfully and to return incorrect results, i.e., they may behave beyond the classical semi-honest model.

COMPARISON OF NORMAL SELFISH OVERLAY NETWORK AND SELFISH OVERLAY NETWORK WITH DEPLOYMENT OF OVERLAY NODES USING FUZZY LOGIC

Selfish overlay routing is the technique whereby the sender of the packet can specify the route that the packet should take through the network. Selfish overlay routing allows end users to select routes in an egocentric fashion to optimize their own performance without considering the system-wide criteria, which in turn causes performance degradation. The main concept behind the selfish overlay network is that whenever there is a link failure, the overlay nodes in the network will route the packet to its destination. So far the overlay nodes are deployed randomly in the network, and it is proved that overlay nodes happen to be deployed even in places where there is no link failure. The demerit of such deployment of overlay nodes is memory consumption in the selfish overlay network. To overcome such demerits, overlay nodes are deployed dynamically in the selfish overlay network using fuzzy logic, and the result was compared with the normal selfish overlay network without fuzzy logic. Simulation results show that the selfish overlay network with overlay nodes deployed using fuzzy logic gives better results than the selfish overlay network with random deployment of overlay nodes.